When a user logs out of our JBoss Portal application he is sent to a portal
page that contains a logout portlet whose processAction() method calls
JBossActionResponse.signout("/home").
This works quite well when our users log in through our normal JSP form
mechanism. However, the registration wizard of our website uses the new
org.jboss.web.tomcat.security.login.WebAuthentication class to programatically
log users in, such that they do not have to re-login once they have created the
username and password.
The problem we have is when the programatically signed in members try to log
out using the JBossActionResponse.signout() method. In looking at the code for
this method, it is checking that the AUTH_TYPE of the portlet request is set to
"FORM" and throwing an exception if it is not. When we programatically sign in
using the WebAuthentication class, the AUTH_TYPE is set to
"PROGRAMMATIC_WEB_LOGIN", and thus we get the exception.
My question is why this AUTH_TYPE check exists in the signout() method, and if
anyone knows a way around it using the programmatic login.
Thanks,
Ted
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4085597#4085597
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4085597
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
